NY passes grid-minded cybersecurity legislation
New York State governor Kathy Hochul has signed legislation that will create cybersecurity protections for the state’s energy grid. Taken during a global surge in cyberattacks against critical infrastructure, the action is hoped to ensure New York’s grid reliability and security.
Legislation A.3904B/S.5579A, which passed unanimously in both the New York State Assembly and New York State Senate, strengthens protections for the local distribution system and requires utilities to secure critical infrastructure against cyberattacks.
The legislation will require utilities to prepare for cyberattacks in their annual emergency response plans – similar to what utilities do to prepare for storms.
The new protections will provide the Public Service Commission enhanced auditing powers to ensure that critical infrastructure and customer data is secured.
Have you read:
Think smart; act smart; win smart
Geopolitics shake up cyber considerations
Cyber solution launched for smart meter manufacturers
“The first modern electric grid was built in New York State, and 140 years later, we continue to take nation-leading steps to keep the lights on for all New Yorkers by strengthening our cybersecurity,” governor Hochul said.
“We understand that as the financial capital of the world and a leader in clean energy, New York is a target for hackers. This critical legislation will help protect millions of New Yorkers who depend on reliable electric service and ensure a smooth transition to clean energy.”
Deputy national security advisor for cyber and emerging technology Anne Neuberger added, “As technology is used in new ways across the energy sector, it is imperative that we take steps to protect our energy grid from cyber threats.
“We applaud New York for advancing nation-leading, cybersecurity legislation for energy companies. This is an important step towards protecting critical infrastructure and we look forward to working with the Hochul Administration on implementing the new requirements.”
This action comes following guidance from President Joe Biden requesting that state’s set minimum cybersecurity requirements for critical infrastructure, including the energy system.
In several instances over the past decade, cyberattacks have proven capable of shutting down electric grids.